11 matches found
EUVD-2023-1695
Malicious code in bioql PyPI...
CVE-2023-35174
Livebook is a web application for writing interactive and collaborative code notebooks. On Windows, it is possible to open a livebook:// link from a browser which opens Livebook Desktop and triggers arbitrary code execution on victim's machine. Any user using Livebook Desktop on Windows is...
Design/Logic Flaw
Livebook is a web application for writing interactive and collaborative code notebooks. On Windows, it is possible to open a livebook:// link from a browser which opens Livebook Desktop and triggers arbitrary code execution on victim's machine. Any user using Livebook Desktop on Windows is...
CVE-2023-35174 Livebook Desktop's protocol handler can be exploited to execute arbitrary command on Windows
Livebook is a web application for writing interactive and collaborative code notebooks. On Windows, it is possible to open a livebook:// link from a browser which opens Livebook Desktop and triggers arbitrary code execution on victim's machine. Any user using Livebook Desktop on Windows is...
CVE-2023-35174
CVE-2023-35174 affects Livebook Desktop on Windows, where opening a browser-triggered livebook:// link can execute arbitrary code on the victim’s machine. The root cause is the protocol handler invocation from the browser, enabling code execution when users expect Livebook to open. Impact is arbi...
CVE-2023-35174 Livebook Desktop's protocol handler can be exploited to execute arbitrary command on Windows
Livebook is a web application for writing interactive and collaborative code notebooks. On Windows, it is possible to open a livebook:// link from a browser which opens Livebook Desktop and triggers arbitrary code execution on victim's machine. Any user using Livebook Desktop on Windows is...
CVE-2023-35174 Livebook Desktop's protocol handler can be exploited to execute arbitrary command on Windows
Livebook is a web application for writing interactive and collaborative code notebooks. On Windows, it is possible to open a livebook:// link from a browser which opens Livebook Desktop and triggers arbitrary code execution on victim's machine. Any user using Livebook Desktop on Windows is...
Livebook 操作系统命令注入漏洞
Livebook is a web application for writing interactive and collaborative code notebooks. Livebook suffers from an operating system command injection vulnerability that originates from allowing an attacker to execute arbitrary commands using Desktop's protocol handler. Affected products and version...
GHSA-564W-97R7-C6P9 Livebook Desktop's protocol handler can be exploited to execute arbitrary command on Windows
On Windows, it is possible to open a livebook:// link from a browser which opens Livebook Desktop and triggers arbitrary code execution on victim's machine. Any user using Livebook Desktop on Windows is potentially vulnerable to arbitrary code execution when they expect Livebook to be opened from...
Livebook Desktop's protocol handler can be exploited to execute arbitrary command on Windows
On Windows, it is possible to open a livebook:// link from a browser which opens Livebook Desktop and triggers arbitrary code execution on victim's machine. Any user using Livebook Desktop on Windows is potentially vulnerable to arbitrary code execution when they expect Livebook to be opened from...
PT-2023-25184 · Livebook · Livebook
Name of the Vulnerable Software and Affected Versions: Livebook versions prior to 0.8.2 Livebook versions prior to 0.9.3 Description: The issue allows arbitrary code execution on a victim's machine when a livebook:// link is opened from a browser, triggering Livebook Desktop to execute the code...